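/// <summary>
/// Searches the <c>library_item</c> table for books whose column <paramref name="type"/> matches
/// <paramref name="value"/>: an exact numeric match when the column is <c>Id</c>, a substring
/// (<c>LIKE '%value%'</c>) match otherwise.
/// </summary>
/// <param name="token">Caller token, resolved through <c>UserProcessor.GetUserType</c>.</param>
/// <param name="type">Column to filter on. Must be a plain identifier (ASCII letters, digits, underscore).</param>
/// <param name="value">Value to look for. Must be an integer when <paramref name="type"/> is <c>Id</c>.</param>
/// <returns>
/// The matching rows, or <c>null</c> when <c>GetUserType</c> reports -1 for the token.
/// Callers of user type 2 only receive rows whose <c>Access</c> is <c>'public'</c>.
/// </returns>
/// <exception cref="System.ArgumentException">
/// <paramref name="type"/> is not a plain identifier, or <paramref name="value"/> is not an integer
/// for an <c>Id</c> lookup. Such input previously went into the SQL text unchanged.
/// </exception>
public static List <ItemModel> GetBookByType(string token, string type, string value)
        {
            // Resolve the caller first so an unrecognised token never reaches query construction.
            var userType = UserProcessor.GetUserType(token);

            if (userType == -1)
            {
                return(null);
            }

            // A column name cannot be bound as a parameter, so it is restricted to identifier
            // characters before being placed in the statement.
            // NOTE(review): an explicit allowlist of searchable columns would be tighter still;
            // the schema is not visible from this method.
            if (string.IsNullOrEmpty(type))
            {
                throw new System.ArgumentException("Column name is required.", nameof(type));
            }

            foreach (char c in type)
            {
                bool isIdentifierChar = (c >= 'a' && c <= 'z') ||
                                        (c >= 'A' && c <= 'Z') ||
                                        (c >= '0' && c <= '9') ||
                                        c == '_';

                if (!isIdentifierChar)
                {
                    throw new System.ArgumentException("Column name contains unsupported characters.", nameof(type));
                }
            }

            StringBuilder sql = new StringBuilder();

            sql.Append("SELECT * FROM library_item " +
                       "WHERE Category = 'book' " +
                       $"AND {type} ");

            if (type.Equals("Id"))
            {
                // Only a parsed integer is written into the statement, never the raw text.
                int id;

                if (!int.TryParse(value, out id))
                {
                    throw new System.ArgumentException("Id lookups require an integer value.", nameof(value));
                }

                sql.Append($" = {id} ");
            }
            else
            {
                // Keep the value inside its string literal: double backslashes (an escape
                // character in some SQL dialects) and single quotes. LIKE wildcards typed by
                // the caller are left as they are.
                // NOTE(review): escaping depends on the SQL dialect. LoadData is only seen here
                // taking SQL text; if it can also take a parameter object the way SaveData does,
                // bind the value as a parameter instead of escaping it.
                string escaped = (value ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");

                sql.Append($" LIKE '%{escaped}%' ");
            }

            if (userType == 2)
            {
                sql.Append("AND Access = 'public' ");
            }

            return(SqlDataAccess.LoadData <ItemModel>(sql.ToString()));
        }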
Exemple #2
        /// <summary>
        /// Deletes the user with the given id, but only when the role resolved from
        /// <paramref name="token"/> is 0.
        /// </summary>
        /// <param name="token">Caller token, resolved through <c>GetUserRole</c>.</param>
        /// <param name="id">Id of the user to delete.</param>
        /// <returns>
        /// -1 when the caller's role is not 0; otherwise whatever <c>UserProcessor.DeleteUser</c> returns.
        /// </returns>
        public static int VerifyDeleteUser(string token, int id)
        {
            // Role 0 is the only role allowed through; presumably the administrative role (confirm).
            // The delete call is not evaluated for any other role.
            return GetUserRole(token) == 0
                ? UserProcessor.DeleteUser(id)
                : -1;
        }
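        /// <summary>
        /// Stores an authentication token for a user with an expiry 24 hours from now, then
        /// returns the role resolved for that token.
        /// </summary>
        /// <param name="userId">Id of the user the token belongs to.</param>
        /// <param name="token">Token value to store.</param>
        /// <returns>The result of <c>UserProcessor.GetUserRole</c> for <paramref name="token"/>.</returns>
        public static int WriteAuthenticationToken(int userId, string token)
        {
            const string sql = @"INSERT INTO authentication_token(UserId, Token, ExpireDateTime) VALUES(@UserId, @Token, @ExpireDateTime);";

            // NOTE(review): the expiry is computed from local time; whatever reads ExpireDateTime
            // must compare against the same clock. Confirm before switching to UTC.
            var expiresAt = DateTime.Now.AddHours(24);

            // NOTE(review): the token is stored exactly as received. Consider storing a hash so
            // that read access to this table does not yield usable tokens.
            var data = new TokenModel
            {
                Token          = token,
                UserId         = userId,
                // "HH" is the 24-hour clock. The former "hh" wrote 12-hour values without an AM/PM
                // marker, so an afternoon expiry was stored as the morning hour. The invariant
                // culture keeps the separators fixed regardless of server locale.
                ExpireDateTime = expiresAt.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture)
            };

            SqlDataAccess.SaveData(sql, data);

            return(UserProcessor.GetUserRole(token));
        }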
Exemple #4
        /// <summary>
        /// Inserts a row into <c>dbo.Member</c> for the user looked up by <paramref name="userName"/>.
        /// </summary>
        /// <param name="userName">User name passed to <c>UserProcessor.get_id</c> to obtain the owning user id.</param>
        /// <param name="firstName">Member's first name.</param>
        /// <param name="lastName">Member's last name.</param>
        /// <param name="phone_num">Member's phone number, written to the <c>Phone</c> column.</param>
        /// <returns>The value returned by <c>SqlDataAccess.SaveData</c>.</returns>
        public static int CreateMember(string userName, string firstName,
                                       string lastName, int phone_num)
        {
            // NOTE(review): the looked-up id is used as-is; what get_id returns for an unknown
            // user name is not visible here.
            var ownerId = UserProcessor.get_id(userName);

            var member = new MemberModel
            {
                FirstName = firstName,
                LastName  = lastName,
                Phone_Num = phone_num,
                User_ID   = ownerId
            };

            // Values are passed as named parameters taken from the model, not concatenated into the text.
            const string insertMember = @"insert into dbo.Member(FirstName, LastName, Phone, User_ID)
                        values (@FirstName, @LastName, @Phone_num, @User_ID);";

            return SqlDataAccess.SaveData <MemberModel>(insertMember, member);
        }
        /// <summary>
        /// Lists every book in <c>library_item</c> that the caller is allowed to see.
        /// </summary>
        /// <param name="token">Caller token, resolved through <c>UserProcessor.GetUserType</c>.</param>
        /// <returns>
        /// The book rows, or <c>null</c> when <c>GetUserType</c> reports -1 for the token.
        /// Callers of user type 2 only receive rows whose <c>Access</c> is <c>'public'</c>.
        /// </returns>
        public static IEnumerable <ItemModel> GetAllBooks(string token)
        {
            var callerType = UserProcessor.GetUserType(token);

            // -1 means the token did not resolve; no query is run.
            if (callerType == -1)
            {
                return null;
            }

            // The statement is assembled from fixed text only; no caller input is placed in it.
            var query = "SELECT * FROM library_item " +
                        "WHERE Category = 'book' ";

            if (callerType == 2)
            {
                query += "AND Access = 'public' ";
            }

            return SqlDataAccess.LoadData <ItemModel>(query);
        }
        /// <summary>
        /// Loads the book with the given id from <c>library_item</c>, subject to the caller's access level.
        /// </summary>
        /// <param name="token">Caller token, resolved through <c>UserProcessor.GetUserType</c>.</param>
        /// <param name="id">Id of the book to load.</param>
        /// <returns>
        /// The matching rows, or <c>null</c> when <c>GetUserType</c> reports -1 for the token.
        /// Callers of user type 2 only receive rows whose <c>Access</c> is <c>'public'</c>.
        /// </returns>
        public static List <ItemModel> GetBookById(string token, int id)
        {
            var callerType = UserProcessor.GetUserType(token);

            // -1 means the token did not resolve; no query is run.
            if (callerType == -1)
            {
                return null;
            }

            // id is an int, so only a formatted integer is interpolated into the statement text.
            var query = "SELECT * FROM library_item " +
                        "WHERE Category = 'book' " +
                        $"AND Id = {id} ";

            if (callerType == 2)
            {
                query += "AND Access = 'public' ";
            }

            return SqlDataAccess.LoadData <ItemModel>(query);
        }